Техническая информация
- [<HKLM>\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] 'Userinit' = '<SYSTEM32>\userinit.exe,%WINDIR%\Media\svchost.exe'
- '%WINDIR%\Media\svchost.exe'
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\e3[1].txt
- %TEMP%\B2BC.tmp
- %WINDIR%\Media\svchost.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\count[1].asp
- %TEMP%\B2BC.tmp
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\count[1].asp
- 'localhost':1039
- 'df####.dnsdojo.net':80
- df####.dnsdojo.net/e3.txt
- df####.dnsdojo.net/e3/count.asp?ma##
- DNS ASK df####.dnsdojo.net